vimvaders
diff --git a/‎sCTF-2015/README.md
+57 b/‎sCTF-2015/README.md
+57
diff --git a/‎sCTF-2015/coding/Flufferduff/README.md
+31 b/‎sCTF-2015/coding/Flufferduff/README.md
+31
diff --git a/‎sCTF-2015/crypto/Cipherception/README.md
+45 b/‎sCTF-2015/crypto/Cipherception/README.md
+45
diff --git a/‎sCTF-2015/crypto/Crib Drag/README.md
+41 b/‎sCTF-2015/crypto/Crib Drag/README.md
+41
diff --git a/‎sCTF-2015/crypto/I Like Bacon/README.md
+32 b/‎sCTF-2015/crypto/I Like Bacon/README.md
+32
diff --git a/‎sCTF-2015/crypto/MD5/README.md
+28 b/‎sCTF-2015/crypto/MD5/README.md
+28
diff --git a/‎sCTF-2015/crypto/MD5_2/README.md
+24 b/‎sCTF-2015/crypto/MD5_2/README.md
+24
diff --git a/‎sCTF-2015/crypto/aGFtcHduZXIz/README.md
+31 b/‎sCTF-2015/crypto/aGFtcHduZXIz/README.md
+31
diff --git a/‎sCTF-2015/crypto/coney/README.md
+29 b/‎sCTF-2015/crypto/coney/README.md
+29
diff --git a/‎sCTF-2015/crypto/coney/coney.gif
494 KB b/‎sCTF-2015/crypto/coney/coney.gif
494 KB
diff --git a/‎sCTF-2015/crypto/qes/README.md
+38 b/‎sCTF-2015/crypto/qes/README.md
+38
diff --git a/‎sCTF-2015/crypto/qes/seq.png
2.49 KB b/‎sCTF-2015/crypto/qes/seq.png
2.49 KB
diff --git a/‎sCTF-2015/pwnable/Cruel Guessing Game/README.md
+21 b/‎sCTF-2015/pwnable/Cruel Guessing Game/README.md
+21
@@ -0,0 +1,57 @@
+# sCTF 2015 Write-ups
+
+* <http://compete.sctf.io/>
+* [Scoreboard](http://compete.sctf.io/scoreboard.php)
+
+## Completed write-ups
+
+* [Flufferduff](coding/Flufferduff)
+* [aGFtcHduZXIz](crypto/aGFtcHduZXIz)
+* [Cipherception](crypto/Cipherception)
+* [Coney](crypto/coney)
+* [Crib Drag](crypto/Crib Drag)
+* [I Like Bacon](crypto/I Like Bacon)
+* [MD5](crypto/MD5)
+* [MD5_2](crypto/MD5_2)
+* [qes](crypto/qes)
+* [Cruel Guessing Game](pwnable/Cruel Guessing Game)
+* [Deceptive Ports](pwnable/Deceptive Ports)
+* [Graphics Interchange Format](steganography/Graphics Interchange Format)
+* [Hello World](trivia/Hello World)
+* [Survey](trivia/Survey)
+* [That Sounds Delicious](trivia/That Sounds Delicious)
+* [Every 7 Seconds](web/Every 7 Seconds)
+* [Impromptu GET](web/Impromptu GET)
+* [strpos](web/strpos)
+
+## Incomplete write-ups
+
+
+* [Simple Guessing Game]()
+* [Not-So-Simple-Guessing Game]()
+* [Busy Beaver Problem]()
+* [The Turing Machine WWII]()
+* [180 Degrees]()
+* [No Yen To Use]()
+* [Big Real Estate]()
+* [1.21 Warp]()
+* [```<h1></h1>```]()
+* [Overflow]()
+* [Cookies]()
+* [SQL]()
+* [196-Algorithm World]()
+* [Overflow 2]()
+* [Degrees Kelvin]()
+* [Obfuscated Python]()
+* [Acoustician]()
+* [Bob's Private Server]()
+* [Large Numbers]()
+* [The Numberic Approach]()
+
+
+##Competitors
+
+* Felipe Faria - [sync](https://github.com/Synchronizing)
+* Alejandro Lucena - [hincoin](https://github.com/Hincoin)
+* Richard Liu - [Dracae](https://github.com/Dracae)
+* Zonshen Yu - [Muggist](https://github.com/Muggist)
@@ -0,0 +1,31 @@
+# Flufferduff
+
+**Category:** Coding
+**Points:** 20
+**Author:** 
+**Description:**
+
+>We here at sCTF enjoy weird words.
+>
+>Let *(n) = d(n) - x(n) where x(n) is the sum of all odd numbers above 0 and before n, exclusive, and d(n) is the sum of all primes in the range of (0,n), exclusive.
+>
+>When *(n) is negative, we call this a flufferduff.
+>
+>Find the number of flufferduffs below 1000.
+
+
+## Write-up
+
+This problem is one of the more self-explanatory ones.
+[Flufferduff Pastebin](http://pastebin.com/YgLBpNE5)
+
+If your code doesn't work, sucks... I ain't bug-fixin dat shizzle.
+
+If you brute forced the problem, I salute you!
+
+##Flag
+>991
+
+## Other write-ups and resources
+
+
@@ -0,0 +1,45 @@
+# Cipherception 
+
+**Category:** Crypto
+**Points:** 35
+**Author:** 
+**Description:**
+
+>OCBnbCB0bCAxMCBmZGFuIHlkIGxkIFlndiBydnogYmQgcG1qcHpkX2Z4Y3liY3R2X2FibGxiY2w=
+
+>5Affine2 > 8Caesar > Atbash > B64
+
+## Writeup
+
+To begin solving the problem one must recognize that all the plain-text words given within the problems are simple encryption methods. With this in mind, and the obvious direction of the arrow, one can backtrack the ciphers to gain the plain-text.
+
+>B64 > Atbash > 8Caesar > 5Affine2
+
+
+```
+Base64: 8 gl tl 10 fdan yd ld Ygv rvz bd pmjpzd_fxcybctv_abllbcl
+```
+
+Once the Atbash had been obtain, the chain of decryption is kept going:
+```
+Atbash: 8 to go 10 uwzm bw ow Bte iea yw knqkaw_ucxbyxge_zyooyxo
+```
+
+Atbash to Caesar with shift of 8:
+```
+8Caesar: 8 lg yg 10 more to go Tlw aws qo cficso_muptqpyw_rqggqpg
+```
+
+Affine with A coefficient of 5, B coefficient of 2. User had to remove all unnecessary plaintexts before running throgh Affine.
+
+```
+Caesar: Tlw aws qo cficso_muptqpyw_rqggqpg
+Affine: The key is always_continue_digging
+```
+
+The key has now been successfully extracted.
+
+## Flag
+>always_continue_digging
+
+## Other write-ups and resources
@@ -0,0 +1,41 @@
+# Crib Drag
+
+**Category:** Crypto
+**Points:** 35
+**Author:** 
+**Description:**
+
+>2d0710181b01111f0817171401071c11091a0a
+>3c091311111a1a0e180003120d1a0811091a0a
+
+## Writeup
+
+Using our google-fu, two very great resources emerge... [link 1](http://travisdazell.blogspot.com/2012/11/many-time-pad-attack-crib-drag.html) [link 2](https://cryptocult.wordpress.com/cyber-challenges/stanford-cryptography-i-programs/program-1/)
+
+
+After loading the python in, we start guessing cribs.
+```
+"the" gives nothing good.
+"you" gives "hav". We should try "have"
+"have" gives "youl". We should try "youll"
+"youll" gives "havef". We should try "havefun"
+"havefun" gives "youllne". We should try "youllnever"
+"youllnever" gives "havefungue". We should try "havefunguessing"
+"havefunguessing" gives "youllneverguess"
+```
+It looks like part of our plaintext messages are "havefunguessing" and "youllneverguess", with the end missing. The missing part is the same though, "11091a0a". We should assume "11091a0a" = "this", so our messages are "havefunguessingthis" and "youllneverguessthis"
+
+
+That's pretty much it. To find the key, we just xor the hex of our plain text with the encrypted to get the flag.
+```
+xor 2d0710181b01111f0817171401071c11091a0a with 796f756c6c6e65766572677565737374686973
+output 54686574776f74696d65706164746f65617379
+hextoascii 54686574776f74696d65706164746f65617379 to Thetwotimepadtoeasy
+```
+
+## Flag
+>Thetwotimepadtoeasy
+
+## Other write-ups and resources
+
+
@@ -0,0 +1,32 @@
+#I Like Bacon 
+
+**Category:** Crypto
+**Points:** 15
+**Author:** 
+**Description:**
+
+>... .- -- ..- . .-.. ..--.- -- --- .-. ... . ..--.- .. ... ..--.- -.-. --- --- .-.. ..--.- -... ..- - ..--.- -... .- -.-. --- -. ..--.- .. ... ..--.- -.-. --- --- .-.. . .-. ..--.- -... .- .- -... -... .- .- -... -... -... .- -... .- .- .- -... .- .- -... .- .- -... .- .- .- -... .- .- -... .- -... .- .- -... -... .- .- -... -... -... .- .- -... .- .- .- .- -... .- -... .- -... .- -... -... .- .- .- .- .- .- .- -... -... .-
+
+
+## Writeup
+This is a cryptography question. Looking at it, the question appears to be in [morse code](http://en.wikipedia.org/wiki/Morse_code). Plugging that into a morse code decrypter, we get the following message:
+
+```
+SAMUEL MORSE IS COOL BUT BACON IS COOLER BAABBAABBBABAAABAABAABAAABAABABAABBAABBBAABAAAABABABABBAAAAAAABBA
+```
+
+The returned string seems to contain some sort of diss and a new ciphered text. 
+
+```
+BAABBAABBBABAAABAABAABAAABAABABAABBAABBBAABAAAABABABABBAAAAAAABBA
+```
+
+Looking up [Bacon cipher](http://en.wikipedia.org/wiki/Bacon%27s_cipher), we find what the second message was encoded with. Utilizing an online decipher we receive the flag.
+
+## Flag
+
+>THISISTHEFLAG
+
+## Other write-ups and resources
+
+
@@ -0,0 +1,28 @@
+# MD5 
+
+**Category:** Crypto
+**Points:** 30
+**Author:** 
+**Description:**
+
+>Given the following MD5 hash:
+
+>0AB1A9222A15DA1159EB94212C5C8BAF
+
+>There are 3 parts to the original text. The first part is a random number, 0-99 inclusive. The second part is a random letter, lowercase a-z inclusive. The third and final part is a random number, 0-999 inclusive.
+
+>For example, 19f599 or 0a159 could be possible combinations. There are no 0's for blank spaces, for example 0a001 is not valid. It would be 0a1.
+
+>Find the original text.
+
+## Writeup
+After been given an MD5 hash the user could either attempt to brute-force it, or utilise an online service to attempt to find the plain-text matching the hashed one.
+
+Attempting to bruteforce it would take several hours depending on software utilised, and thus using an online database is the best option between the two (or at least worth a try).
+
+Simply pasting the MD5 into [HashKiller.co.uk](http://www.hashkiller.co.uk/md5-decrypter.aspx) the user receives the flag.
+
+## Flag
+>15q478
+
+## Other write-ups and resources
@@ -0,0 +1,24 @@
+# MD5_2 
+
+**Category:** Crypto
+**Points:** 40
+**Author:** 
+**Description:**
+
+>Given the following MD5 hash:
+
+
+>2E561F52DF1F1A31B5C4A00D0C846728
+
+
+>And that the alphanumeric all lowercase text is less than 8 characters, find the original text (the flag).
+
+## Writeup
+Very similiar to the first MD5 problem, the user could either attempt to bruteforce the MD5 hash or simply look within online databases.
+
+Simply pasting the MD5 into [HashKiller.co.uk](http://www.hashkiller.co.uk/md5-decrypter.aspx) the user receives the flag.
+
+## Flag
+>581qq92
+
+## Other write-ups and resources
@@ -0,0 +1,31 @@
+# aGFtcHduZXIz 
+
+**Category:** Crypto
+**Points:** 40
+**Author:** 
+**Description:**
+
+>[Boop](http://pastebin.com/yEUZWrRd)
+
+## Writeup
+
+Wow, can they get anymore cryptic? xP
+First task: Figure out the title
+
+>aGFtcHduZXIz > Base64 > hampwner3
+
+Looks like a username. Let's use our google-fu and check out the results.
+We find a [Youtube](https://www.youtube.com/user/hampwner3) , a [RoosterTeeth](http://roosterteeth.com/hampwner3) and a [Quizlet](http://quizlet.com/hampwner3) ...
+
+Trying the Youtube and RoosterTeeth doesn't get us anywhere, but the Quizlet contains a clue... Sir hampwner3's [spanish quiz](http://quizlet.com/11856164/spanish-cards-flash-cards/) has a [youtube link](https://www.youtube.com/watch?v=jlcTNS2TUhg) as the last term. 
+
+Navigating to the video, we see Lux Ion's comment ...
+>Wow cool video! フラグはハムです。
+
+This roughly translates to ...
+> Flag is ham.
+
+## Flag
+>ham
+
+## Other write-ups and resources
@@ -0,0 +1,29 @@
+# Coney
+
+**Category:** Crypto
+**Points:** 60
+**Author:** 
+**Description:**
+
+>![coney](coney.gif "Coney")
+
+##Solution
+
+Due to the name of the problem, the most logical thing to do was simply Google ```Graphics Interchange Format``` which would lead the user to the wikipedia page [GIF](http://en.wikipedia.org/wiki/GIF). After reading a bit one would notice the header (```47 49 46 38 37 61```) and the terminating (```3B```) hex of a standart GIF. After consulting a trusty hex editor it was noticed that while the header was correct, the terminating hexadecimal was not.
+
+Due to the incorrect terminating hexadecimal one would assume that the file was merged with something else. After utilising wikipedia's page on [List of file signatures](http://en.wikipedia.org/wiki/List_of_file_signatures) and comparing possible files that could have merged, it was found a compressed file was is the cause.
+
+Simply opening the file using WinZip, Winrar, or 7-Zip prompted a file name ```x```. The file contained:
+
+>U2FsdGVkX1/seMYknjQGW971EboRgFcx+jfczzdSrWMjt1xwRrPnQBbEsz+Mt7dA4xxsOVB88e8VGl70
+
+After some research on possible ciphers utilising the gif's content as reference, the user would've stumble upon the [Rabbit Cipher](http://en.wikipedia.org/wiki/Rabbit_%28cipher%29). Utilising a online rabid decipher and the key ```rabbit``` as guessed through the content of the image, the following was retrieved:
+
+>The key is who_knew_there_is_a_rabbit_cipher
+
+
+##Flag
+
+>who_knew_there_is_a_rabbit_cipher
+
+## Other write-ups and resources
@@ -0,0 +1,38 @@
+# Q.E.S.
+
+**Category:** Crypto
+**Points:** 80
+**Author:** 
+**Description:**
+
+>![seq](seq.png "seq")
+
+
+## Writeup
+
+Cryptic problem time! Where to start... We focus on the file name of the picture, seq.png. We assume seq stands for sequence, and we conclude the pattern in QES utilizes sequences. However when we try plugging the numbers into https://oeis.org/ , no known sequence is found. We have to assume that QES contains multiple sequences.
+
+Anytime you have sequences, look for fibonacci numbers. CTFs LOVE fibonacci. Here I have highlighted the fibonacci terms I see...
+
+![redSeq](http://tinyurl.com/qem7mgb "redSeq")
+
+A suspiciously nice pattern... Every third term starting from the first is part of the fibonacci sequence. We try every third term starting from the second, and with the guiding hand of https://oeis.org/ we discover this second sequence is the lucas sequence! Finally, every third term starting from the third number forms the pentagonal numbers sequence.
+
+![coloredSeq](http://tinyurl.com/qxsebx7 "coloredSeq")
+
+From here, we need to complete the grid, a trivial task.
+
+![fullColoredSeq](http://s16.postimg.org/pwvjc7g5x/QES.png "fullColoredSeq")
+
+The flag is just the rest of the grid.
+
+    13  29  70  21  47  92  34
+    76  117 55  123 145 89  199
+    176 144 322 210 233 521 247
+
+##Flag
+
+>13297021479234761175512314589199176144322210233521247
+
+## Other write-ups and resources
+
@@ -0,0 +1,21 @@
+# Cruel Guessing Game
+
+**Category:** Pwnable
+**Points:** 55
+**Author:** 
+**Description:**
+
+>I'm thinking of an integer between 1 and 1000.
+>
+>python.sctf.io:11236
+>
+>My number is randomly generated each time you guess.
+
+## Solution
+
+http://pastebin.com/hnJ4c4Mr
+
+## Flag
+>thatwascruel
+
+## Other write-ups and resources